16 matches found
APSB26-57 : Security update available for Adobe Experience Manager Forms
Adobe has released a security update for Adobe Experience Manager Forms on Java Enterprise Edition JEE. This update addresses critical and important vulnerabilities that could lead to arbitrary code execution...
Adobe Experience Manager Forms - Insecure Deserialization
Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration vulnerability that could result in arbitrary code execution. An attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user...
EUVD-2005-2373
Malware in sbrugna...
EUVD-2021-21270
Malware in sbrugna...
EUVD-2005-2295
Malware in sbrugna...
APSB25-67 : Security update available for Adobe Experience Manager Forms
Adobe has released a security update for Adobe Experience Manager Forms on JEE. This update addresses a critical vulnerability that could lead to arbitrary code execution...
PT-2025-26822 · WordPress · Everest Forms
Name of the Vulnerable Software and Affected Versions: The Everest Forms Pro plugin for WordPress versions up to, and including, 1.9.4 Description: The issue is related to insufficient file path validation in the delete entry files function, allowing unauthenticated attackers to delete arbitrary...
CVE-2025-2524
The Ninja Forms WordPress plugin before 3.10.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
APSB25-27 : Security update available for Adobe Experience Manager Forms
Adobe has released security updates for AEM Forms on JEE versions for a dependency on vulnerable Third-Party Component . This dependency update resolves an important vulnerability that could lead to path traversal and case sensitive match exception...
Smart Forms < 2.6.94 - Subscriber+ Edit Entries via Broken Access Control
Description The plugin does not have proper authorization in some actions, which could allow users with a role as low as a subscriber to call them and perform unauthorized actions While logged as a subscriber, paste the following in your browser's console: fetch'/wp-admin/admin-ajax.php', method:...
CVE-2022-3834 Google Forms <= 0.95 - Admin+ Stored XSS
The Google Forms WordPress plugin through 0.95 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Do You Know If Your Web Forms Are Secure?
By Owais Sultan Knowing if your forms are secure is a tricky one. Do you know if your front door is… This is a post from HackRead.com Read the original post: Do You Know If Your Web Forms Are Secure?...
Tecknodreams SapphireIMS 跨站请求伪造漏洞
Tecknodreams SapphireIMS is an ITIL 2011 certified Enterprise Service Management System from Tecknodreams India. Sapphire IMS 5.0 has a cross-site request forgery vulnerability that stems from the absence of CSRF tokens throughout the application in Sapphire IMS 5.0. This could lead to a CSRF...
CVE-2020-36170
The Ultimate Member plugin before 2.1.13 for WordPress mishandles hidden name="timestamp" fields in forms...
caa.co.za XSS vulnerability
Vulnerable URL: http://www.caa.co.za/examinations%20forms/forms/allitems.aspx?FollowSite=0=%27-confirm%27OPENBUGBOUNTY%27-%27 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 20.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 279861...
Атака через web-формы (HTML Form Protocol Attack)
Содержимое формы может быть передано в любой порт эмулируя работу какого-либо протокола...